New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Force 127.0.0.1 when host is 127.0.0.1 with ssh tunnel #331
Comments
Seconding this; Using mariadb on a Debian 10 system, using unix_plugin as an auth method for local host enables ease of use in the terminal, but requires a second user such as user@127.0.0.2 to be made for SSH tunnel access. HeidiSQL for me as well, only SSH tunnels to localhost rather than 127.0.0.2 at the end of the tunnel, making it difficult to use both built in authentication and remote access. Bump? |
Could you examine the plink command line, which should show up in the bottom SQL log panel. And how to modify it so "localhost" is not used. There is no obvious part in that command line using "localhost". |
Upon further investigation, it appears this is user error on my part. I tested this by setting Hostname / IP option to various things, such as my FQDN, hostname, random false names, and various localhost addresses. This all worked ok, it all connects to the correct address. There's nothing wrong with it. I believe this is an older misconception where changing where the hostname would change the user in when running the mysql command. For example: Now a days, I believe mariadb is strictly using the source host, wherein SSH probably opens up a source local socket from 127.0.0.1 regardless of the destination. I disabled mysql reverse dns lookups service to confirm this. There does not appear to be an easy way to set a source IP in an SSH tunnel from what I have googled. |
For no apparent reason, even by setting
127.0.0.1
as Host in the connection pane, Heidisql is still trying to connect tolocalhost
localhost
and127.0.0.1
are the same host, but MySQL refuses to authenticate due to grants set asmyuser@127.0.0.1
andmyuser@127.0.0.1
is different frommyuser@localhost
This only happens when using a certificate file as identity. Direct access with ssh user/password (without the key), doesn't show the issue.
The text was updated successfully, but these errors were encountered: